Security Engineering towards Building a Secure Software

This chapter presents a security engineering process based on UML security problem frames and concretized UML security problem frames. Both kinds of frames constitute patterns for analyzing security problems and associated solution approaches. They are arranged in a pattern system that makes dependencies between them explicit. The authors describe step-by-step how the pattern system can be used to analyze a given security problem and how solution approaches can be found. Then, solution approaches are specified by generic security components and generic security architectures, which constitute architectural patterns. Finally, the generic security components and the generic security architecture that composes them are refined, and the result is a secure software product built from existing and/or tailor-made security components.

Download Full-text

Integrating Security and Software Engineering

Information Security and Ethics ◽

10.4018/978-1-59904-937-3.ch014 ◽

2008 ◽

pp. 200-210 ◽

Cited By ~ 2

Author(s):

H. Mouratidis ◽

P. Giorgini

Keyword(s):

Software Engineering ◽

Security Engineering ◽

Secure Software Engineering ◽

Secure Software

This chapter serves as an introduction to this book. It introduces software engineering, security engineering, and secure software engineering, providing de?nitions and explanation of terms necessary for readers to understand the subsequent chapters. Characteristics of each of the above areas are presented followed by an overview of the current advances in these areas. Finally, the 10 approaches described in the remaining chapters of the book are brie?y introduced.

Download Full-text

Developing Secure Software Using UML Patterns

Standards and Standardization ◽

10.4018/978-1-4666-8111-8.ch013 ◽

2015 ◽

pp. 228-264

Author(s):

Holger Schmidt ◽

Denis Hatebur ◽

Maritta Heisel

Keyword(s):

Security Architecture ◽

Engineering Process ◽

Security Engineering ◽

Problem Frames ◽

Architectural Patterns ◽

Software Product ◽

Secure Software ◽

Security Problem ◽

Security Components ◽

Associated Solution

This chapter presents a security engineering process based on UML security problem frames and concretized UML security problem frames. Both kinds of frames constitute patterns for analyzing security problems and associated solution approaches. They are arranged in a pattern system that makes dependencies between them explicit. The authors describe step-by-step how the pattern system can be used to analyze a given security problem and how solution approaches can be found. Then, solution approaches are specified by generic security components and generic security architectures, which constitute architectural patterns. Finally, the generic security components and the generic security architecture that composes them are refined, and the result is a secure software product built from existing and/or tailor-made security components.

Download Full-text

Integrating Security and Software Engineering

Integrating Security and Software Engineering ◽

10.4018/978-1-59904-147-6.ch001 ◽

2007 ◽

pp. 1-15 ◽

Cited By ~ 9

Author(s):

H. Mouratidis ◽

P. Giorgini

Keyword(s):

Software Engineering ◽

Software Engineer ◽

Security Engineering ◽

Secure Software Engineering ◽

Secure Software

This chapter serves as an introduction to this book. It introduces software engineer-ing, security engineering, and secure software engineering, providing de?nitions and explanation of terms necessary for readers to understand the subsequent chapters. Characteristics of each of the above areas are presented followed by an overview of the current advances in these areas. Finally, the 10 approaches described in the remaining chapters of the book are brie?y introduced.

Download Full-text

Developing Secure Software Using UML Patterns

Handbook of Research on Innovations in Systems and Software Engineering - Advances in Systems Analysis, Software Engineering, and High Performance Computing ◽

10.4018/978-1-4666-6359-6.ch002 ◽

2015 ◽

pp. 32-70 ◽

Cited By ~ 1

Author(s):

Holger Schmidt ◽

Denis Hatebur ◽

Maritta Heisel

Keyword(s):

Security Architecture ◽

Engineering Process ◽

Security Engineering ◽

Problem Frames ◽

Architectural Patterns ◽

Software Product ◽

Secure Software ◽

Security Problem ◽

Security Components ◽

Associated Solution

This chapter presents a security engineering process based on UML security problem frames and concretized UML security problem frames. Both kinds of frames constitute patterns for analyzing security problems and associated solution approaches. They are arranged in a pattern system that makes dependencies between them explicit. The authors describe step-by-step how the pattern system can be used to analyze a given security problem and how solution approaches can be found. Then, solution approaches are specified by generic security components and generic security architectures, which constitute architectural patterns. Finally, the generic security components and the generic security architecture that composes them are refined, and the result is a secure software product built from existing and/or tailor-made security components.

Download Full-text

Developing Secure Software Using UML Patterns

Computer Systems and Software Engineering ◽

10.4018/978-1-5225-3923-0.ch030 ◽

2017 ◽

pp. 741-781

Author(s):

Holger Schmidt ◽

Denis Hatebur ◽

Maritta Heisel

Keyword(s):

Security Architecture ◽

Engineering Process ◽

Security Engineering ◽

Problem Frames ◽

Architectural Patterns ◽

Software Product ◽

Secure Software ◽

Security Problem ◽

Security Components ◽

Associated Solution

This chapter presents a security engineering process based on UML security problem frames and concretized UML security problem frames. Both kinds of frames constitute patterns for analyzing security problems and associated solution approaches. They are arranged in a pattern system that makes dependencies between them explicit. The authors describe step-by-step how the pattern system can be used to analyze a given security problem and how solution approaches can be found. Then, solution approaches are specified by generic security components and generic security architectures, which constitute architectural patterns. Finally, the generic security components and the generic security architecture that composes them are refined, and the result is a secure software product built from existing and/or tailor-made security components.

Download Full-text